It seems like your browser didn't download the required fonts. Please revise your security settings and try again.

Login Sign Up Contact & Support

United States – English (GMT-6)

Email Protection

Total Email Protection

Email Gateway Defense (Email Security)

Impersonation Protection (Sentinel)

Cloud Archiving Service

Security Awareness Training (PhishLine)

Managed Security Awareness Training (Managed Phishline)

Email Security Gateway

Domain Fraud Protection

Incident Response

Message Archiver

WAF-as-a-Service

Web Application Firewall

Load Balancer ADC

Vulnerability Manager

Vulnerability Remediation Service

WAF Control Center

Active DDoS Prevention

CloudGen Firewall

CloudGen Access

Network Access Client

Firewall Insights

Web Security Gateway

Web Security Agent

Firewall Policy Manager

Intronis Backup (ECHOplatform)

Cloud-to-Cloud Backup

RMM (Managed Workplace)

Server Backup (Yosemite)

Campus Help Center / Reference

Onboarding Portal

Network Security

Support Services

Barracuda CloudGen Access

Overview Documentation Training Certification Materials

Email Protection

Total Email Protection

Email Gateway Defense (Email Security)

Impersonation Protection (Sentinel)

Cloud Archiving Service

Security Awareness Training (PhishLine)

Managed Security Awareness Training (Managed Phishline)

Email Security Gateway

Domain Fraud Protection

Incident Response

Message Archiver

WAF-as-a-Service

Web Application Firewall

Load Balancer ADC

Vulnerability Manager

Vulnerability Remediation Service

WAF Control Center

Active DDoS Prevention

CloudGen Firewall

CloudGen Access

Network Access Client

Firewall Insights

Web Security Gateway

Web Security Agent

Firewall Policy Manager

Intronis Backup (ECHOplatform)

Cloud-to-Cloud Backup

RMM (Managed Workplace)

Server Backup (Yosemite)

Campus Help Center / Reference

Onboarding Portal

Network Security

Support Services

Login Sign Up Contact & Support

United States – English (GMT-6)

Network

Last updated on 2024-05-24 02:11:39

Requirements

These are the network requirements for a secure working installation:
- Internal resources (configured from the CloudGen Access Console) can only communicate with the internal leg of the Envoy Proxy.
- The Envoy proxy has an internal leg and an internet-facing leg.
- The Internet-facing leg needs to expose the configured CloudGen Access Proxy port.

Firewall Configuration

All values are assumed to be default values.

Component	Description	Direction	Protocol / Port	Mode
Envoy Proxy	Access port	Inbound	Configured in Console	All
	Registered resources	Outbound	Configured in Console	All
	CloudGen Access Proxy Orchestrator	Outbound	TCP 50051	All
CloudGen Access Proxy Orchestrator	Envoy Proxy Cluster	Inbound	TCP 50051	All
	CloudGen Access Console API	Outbound	TCP 443	All
	Redis	Outbound	Configured Redis port	HA mode

Network Diagram